To try everything Brilliant has to offer-free-for a full 30 days, visit brilliant.org/Ardens/ . You’ll also get 20% off an annual premium subscription.
One thing quantum computers are millions of times faster then regular computers and this is early quantum computers so in the future they could be much much faster so a brute force will go from taking 20 years to 2 seconds (yes they are that fast)
"Hey its me, your (insert family or associate). I meant put some money onto (account) for you. Whats the password again?" Hearing that with no expectations of an attack or when you are stressed/very busy is all it takes for you to speak before you think.
Especially now that PayPal, SoFi, etc are all using these third parties that just ask for your BANK PASSWORD to be able to transfer money from bank to their accounts, basically normalizing this behavior and calling it "secure"
you know that you can navigate a web page with only the keyboard and when filling in multiple things it's way faster then reaching for a mouse or touchpad so it's not bullshit if it's like they guessed the things with hints though in reality the dude probably just going to run a shortcut so they're just going to be using the mouse
Dumpster diving worked ... in the 60s and 70s. My University printed the new users passwords on a shared printer accessible to all professors and post graduates. The sheet got there until someone get to claim it allowing a lot of time for anyone to copy it.
@@neoleonor7140 Off course there were: IBM 360 was launched in 1964, PDP 11 was launched in 1970, Centurion in 1964. Even microcomputers: Sphere was from 1975.
@@BentleyGaming-roblox But there were mainframes: PDP-1 was from 1959, IBM 360 was from 1962. In my University they used a PDP-11 to control the particle accelerators (a Pelletron and a LINAC yeah old stuff) since the 70s.
I mean, condoms prevent you from receiving malicious (viruses) or just unwanted in a particular case (sperm) genetic data, which is not far from cybersecurity
As a sidenote, it's much more efficient to make a password longer, than to add special characters, as the amount of possible passwords is the number of allowed characters to the power of the amount of positions. So simply making a passworld longer increases cracking time exponentially, while forcing the user to use a special character increases the time linearly and also makes the password much harder to remember
When i rented from a friend of mine who was paranoid about his cyber security, his wifi pasword was literally 100 characters long...which required him to keep it in a digital document he messaged to me to copy and paste....completely obviating the point of such a long password
If anyone's curious, I did some math: There's 52 possible letters you can use (26 lowercase and 26 uppercase) and 42 numbers/symbols. If you have an 8 character password with just letters, then you have 52^8, or 5.3×10^13 possible combinations. With special characters and numbers, you'd then have 84^8, or 2.5×10^15 combinations. Adding a ninth character to a password with only letters brings the possibilities to 2.8×10^15, about 12% more than making a character special. Say we have the same 8 character password, but a number and special character are required. Most people would only put one of each in their password, so a hacker might reasonably assume this. Interestingly, the password is not much better, with a total of 10*32*52^6*8*7, or 3.5×10^14 passwords possible. This is an increase of 663%, whereas adding a 9th letter increases the number by 5,200%, and assuming any character could be anything increases by 4,637%. This last scenario typically only happens if someone has a password manager.
@@Arceus3251 I wouldn't be so sure - social engineering tactics are a tactic anyone in security-focal roles can absolutely capitalize on, and from there, you have an effective attack vector. Human error is notably the most likely breach of security, and when you compare "human stupidity" versus "the size of the universe", you will find the former _vastly more infinite._
Level 11: Rule based attack Basically a dictionary attack, however, an attacker has a list of predefined rules such as "replace the letter a with @" or "add a number to the end to the password" or "capitalise the first letter". These are useful for working with those pesky password policies. Although these attacks can still take a long time depending on the target
Level 12: Password spraying attacks A lot of services will block you if you attempt to try to log into a person's account too many times. Hence, attackers will only try 2-3 common passwords per an account before trying the next one. This is really good if you have hundreds of known or easily guessable accounts
6:05 Huh, I'd like to see at least ONE reference to the term 'adversary in the middle attack' actually being used. I've always heard MITM or on-path attack.
Don’t delete the data in the drive, format the drive instead so that data recovery tools can’t even detect the file even existed. Don’t use ‘quick’ format options as that doesn’t override data that was on the drive in the first place. Deleting and removing data have very different meanings. Deleting removed the symbolic link to the file (so programs like RecycleBin can detect the file and restore the contents in the exact same directory of where the file was deleted), erasing it makes any data unreadable.
there's tools that overwrite drives with random bit values and then format to totally shred any residual data as I think some filesystems can retain a cache or something
@@greensheen8759 Yeah; I bought an used HDD on eBay once and had to recover my own data after the Filesystem was lost and OS forced me to format. Not only were my files still there, I also recovered disturbing s*t from the former user who had (to their knowledge) formated everything. I used Eraser File Shredder before, but recently their website looks fishy af!
Here's one insanely impractical one: Using CPU vulnerabilities like Meltdown, a threat actor can probe a locked machine and try a password character by character. Since the CPU has already loaded the correct passwort into memory, the actor can see if the character is correct, based on how long the response takes. A correct character gets a slightly slower response, at which point the actor can start trying the next character until the whole password is know.
Fun fact: if you memorize alt codes, you can generate a secure numeric string using more fancy ASCII characters. I actually hide a couple of these characters in my passwords just because I can, and it's fun hearing blackmailers get confused when an old account finally gets breached. Just make sure you use alt codes you can easily remember, like 256, 69, or 42. I'm not on my computer RN, so I can't demonstrate what these examples would be, but if you're crazy enough, you can have a password that uses only alt codes, and I'm considering integrating it as part of the arg handbook
@@JamesTDG 204 and similar are fun too, along with emojis, just make sure you don't need that account on other devices because emojis can be hard to match sometimes
The best brute force hacking tool: RNG to make a variable length string + RNG to fill each character of it + GPU = profit, or just use the infinite monkeys with typewriters
1:40 Actually, you would be shocked how many people would toss away sensitive data on paper or hard drives. It's extremely likely, and usually with older generations, that their passwords are written down. Or passwords are literally just, password123.
Is funny that as I progressed in my university cs study. I now understand more and more of what people are referring to, which is great cause I genuinely enjoy uni and learn a lot off actual useful cool shet. Edit: also my professor once told me most attacks actually came from within, because people can’t do much when the “attackers” is within the protections
Level 13 super brute force if level 12 doesn’t work Super brute force well basically always work because in like a few tries it’s like brute force, but But it’s the most efficient possible it gets more efficient every time you do it
To be clear, any divice works for dumpster diving. Cheap smart divices hold your wifi passwords, usally unencrypted. Also the part about him destorying the divice isnt a joke. Deleting files from a hard drive doesn't delete them. And even writing over them isnt always effective. Ssd's should be fine with wiping tho (not sure check yourself)
3:51 Length is more important, and the latest recommendations from NIST emphasize length, not numbers and symbols. It used to be assumed a (one) short password would be easier to remember even if complex, but now we use lots of accounts, and in the "real world" the old rules cause vulnerabilities by people writing them down (see dumpster diving, shoulder surfing) or reusing them (credential stuffing).
#2 Yeah destroying drives is better than not, but mechanical destruction can often still be reversed (does make it harder, though) It's like how shredding doesn't make the documents secure, the info is still there, it's just mixed up. With enough patience (and lots of tape), you can unscramble it. So then they started cross shredding too, but, again, the data is still there, it's just harder to recover. This is why really sensitive documents are splotched with the same type of off black ink. But if it was a color printer you need to splotch each base color, too, or else the data is still recoverable. Then you cross shred it making it completely unrecoverable. If it was written, though, the only thing you can do is write over it with different characters, one at a time. And it has to be letters, not scribbles, because the scribbles are too uniform and the writing divets can still be seen. The only fix is to write actual characters down, multiple per single character spot. And you can often still pick out the individual letters, so it just creates a phase space where the answer still exists, but you have to parse an absolutely ton of crap.
The "credential stuffing attack" is probably more dangerous now. Now that we have Ai, in theory, it can probably guess each person's tendency and common words used in the password. Making it guess similar passwords that the users probably have. And this is wayyy more efficient than brute forcing attacks or dictionary attacks. So everyone, dont just make different passwords, make them different enough
As someone who developed a working cross-platform brute forcing script it is really easy to break into accounts even if its a "level 1" hacking method.
For brute force, do special characters really help that much? The alphabet, lower and upper case, give you 52 characters, numbers give you an additional 10, and so do the standard 10 special characters. Wouldn't it be better to just add more characters?
How about this:Someone brute forces your password, let's say the password is 123,and the bruteforcer managed to brute force upto 120 but at that same time you change your password to 100. Because the bruteforcing tool have already known that 100 is not the correct password and wouldn't care about that password, even if the bruteforcing machine managed to go upto a million quadrillion it still would not be able to crack your password.So whoever is reading this make sure to change your password frequently. But there is still a tiny little possibility of the bruteforcer to gain your password. Assume that your password is 100 and the bruteforcer managed to get upto 69 and you changed your password to 70 then it wouldn't take much time for the bruteforcer to crack your password, but still the chances are pretty slim.
Generally when an attacker is bruteforceing a password they will be attacking the hash and not attempt to in millions of times, so changing your password at all will mitigate the attack
Fantastic...Powerful strategy!!! Thank you very much for the clear concise explanation!! You are a good person and the first I've come across without expecting any money from beginners like us who are already struggling providing for our families. God bless you.
I feel like those "top most used passwords" lists are misleading. They're obviously not sourced from proper databases, since those passwords are irretrievable. So they must be sourced from either full database dumps of insecure databases, or lists of compromised credentials. The latter, especially is always going to lean towards easy passwords. The former, dumps from databases that were insecurely storing passwords, might be a more accurate view of the kinds of passwords used in general, but it's still only a small view.
To try everything Brilliant has to offer-free-for a full 30 days, visit brilliant.org/Ardens/ . You’ll also get 20% off an annual premium subscription.
first 🤓🤓🤓
brilliant stop sponsoring every fucking youtube video i watch
@@number1-willstetsonsimp you're not the only one
One thing quantum computers are millions of times faster then regular computers and this is early quantum computers so in the future they could be much much faster so a brute force will go from taking 20 years to 2 seconds (yes they are that fast)
@@torgerthorkildson725 hi n
you forgot the "call the person and openly ask for their password" it works more often than some would think...
"Hey its me, your (insert family or associate). I meant put some money onto (account) for you. Whats the password again?"
Hearing that with no expectations of an attack or when you are stressed/very busy is all it takes for you to speak before you think.
Idk man, fairly sure I'd notice if my dead father called me.@@starplane1239
So. What is your password?
Bold of you to assume I know my password
Especially now that PayPal, SoFi, etc are all using these third parties that just ask for your BANK PASSWORD to be able to transfer money from bank to their accounts, basically normalizing this behavior and calling it "secure"
Level 11: Typing a bunch of stuff without touching the touch pad or mouse and then muttering "I'm in."
Works every time.
thats why i use it all the time
you know that you can navigate a web page with only the keyboard and when filling in multiple things it's way faster then reaching for a mouse or touchpad so it's not bullshit if it's like they guessed the things with hints though in reality the dude probably just going to run a shortcut so they're just going to be using the mouse
@@cameleon2mur80yapping
Bro on some penguins of Madagascar ass shit
@@gemstonepuppetcrying
"Dumpster diving attack has something to do with retrieving passwords from the cache or something, right? Oh, it's literal dumpster diving. Nevermind"
The most powerful technique of all: Social engineering.
Can have the tightest security in the world, but a man's lips is the loosest.
but what about a woman's lips?
@@averagejoey2000bad down
isnt social engineering almost the same as phishing?
@@kylesnotepic Phishing is a form of social engineering
@@averagejoey2000same as a man of similar demographics
Dumpster diving worked ... in the 60s and 70s. My University printed the new users passwords on a shared printer accessible to all professors and post graduates. The sheet got there until someone get to claim it allowing a lot of time for anyone to copy it.
Aren't there no computers in the 60s or 70s
@@neoleonor7140there were, but very basic
@neoleonor7140 there was in 1962 I think
Before 1962 we only used PCs for Rockets and shi-
@@neoleonor7140 Off course there were: IBM 360 was launched in 1964, PDP 11 was launched in 1970, Centurion in 1964. Even microcomputers: Sphere was from 1975.
@@BentleyGaming-roblox But there were mainframes: PDP-1 was from 1959, IBM 360 was from 1962. In my University they used a PDP-11 to control the particle accelerators (a Pelletron and a LINAC yeah old stuff) since the 70s.
That condom analogy caught me off guard lmaooo
On a cyber security video, why does this not surprise me…
So true, imagine watching the video in public and with no headphones
I mean, condoms prevent you from receiving malicious (viruses) or just unwanted in a particular case (sperm) genetic data, which is not far from cybersecurity
@@kwameappiahkumi5833 no living soul should ever watch any videos in public
Lmaol!!!!!
As a sidenote, it's much more efficient to make a password longer, than to add special characters, as the amount of possible passwords is the number of allowed characters to the power of the amount of positions. So simply making a passworld longer increases cracking time exponentially, while forcing the user to use a special character increases the time linearly and also makes the password much harder to remember
This assumes a brute force attack. Dictionary attacks don't care that much about it.
When i rented from a friend of mine who was paranoid about his cyber security, his wifi pasword was literally 100 characters long...which required him to keep it in a digital document he messaged to me to copy and paste....completely obviating the point of such a long password
The safest password I ever used was a three verse poem. Easy to remember because it rhymes and insanely long.
If anyone's curious, I did some math:
There's 52 possible letters you can use (26 lowercase and 26 uppercase) and 42 numbers/symbols. If you have an 8 character password with just letters, then you have 52^8, or 5.3×10^13 possible combinations. With special characters and numbers, you'd then have 84^8, or 2.5×10^15 combinations. Adding a ninth character to a password with only letters brings the possibilities to 2.8×10^15, about 12% more than making a character special.
Say we have the same 8 character password, but a number and special character are required. Most people would only put one of each in their password, so a hacker might reasonably assume this. Interestingly, the password is not much better, with a total of 10*32*52^6*8*7, or 3.5×10^14 passwords possible. This is an increase of 663%, whereas adding a 9th letter increases the number by 5,200%, and assuming any character could be anything increases by 4,637%. This last scenario typically only happens if someone has a password manager.
@@AkiraTheCatgirl0 kudos to you for actually crunching the numbers
so many people got into my alt account to dox me that they can't even dox me anymore because there's 200 devices all in different places
That's pretty funny NGL
@@actuallyasriel if you think that is funny you haven't seen my sandbox the viruses are breaking each other by infecting the other viruses
@@cameleon2mur80
*Natural selection*
@@cameleon2mur80 Bro that's not a sandbox that's a petri dish
yo i got a biologist and a historian in the comments lets go
8:11 unexpect user on your family plan💀
ikr
yeah that got me too XD
I was only looking for THIS comment XD
number 1 lesson in cybersecurity, you are always the vunerability. called the phishing attack one right off the bat
Did you update the report?
"I know jackshit about cyber security"
I hold a degree in cyber security. This is significantly more than "jackshit"
Very informative, cheers!
If anyone knew as much as he said here, people's secuirty would be way safer and have a better life
@@dubbyplays It'd put me out of a job, though
@@Arceus3251 I wouldn't be so sure - social engineering tactics are a tactic anyone in security-focal roles can absolutely capitalize on, and from there, you have an effective attack vector.
Human error is notably the most likely breach of security, and when you compare "human stupidity" versus "the size of the universe", you will find the former _vastly more infinite._
Level 11: Rule based attack
Basically a dictionary attack, however, an attacker has a list of predefined rules such as "replace the letter a with @" or "add a number to the end to the password" or "capitalise the first letter". These are useful for working with those pesky password policies. Although these attacks can still take a long time depending on the target
Level 12: Password spraying attacks
A lot of services will block you if you attempt to try to log into a person's account too many times. Hence, attackers will only try 2-3 common passwords per an account before trying the next one. This is really good if you have hundreds of known or easily guessable accounts
I like to imagine that Shitbird is used for Twitter
The real twist is that this video was not sponsored by a VPN or a password manager.
6:05 Huh, I'd like to see at least ONE reference to the term 'adversary in the middle attack' actually being used. I've always heard MITM or on-path attack.
Same
It was a joke I think
Man in the middle rolls better on the tongue. I'll keep using it or else also rename hangman to hangperson
no hangman is more iconic
its a joke....
transwomen are holding up our infrastructure so they had to change it smh
But he did use it....
lol let’s play a game of hangperson
Don’t delete the data in the drive, format the drive instead so that data recovery tools can’t even detect the file even existed. Don’t use ‘quick’ format options as that doesn’t override data that was on the drive in the first place.
Deleting and removing data have very different meanings. Deleting removed the symbolic link to the file (so programs like RecycleBin can detect the file and restore the contents in the exact same directory of where the file was deleted), erasing it makes any data unreadable.
there's tools that overwrite drives with random bit values and then format to totally shred any residual data as I think some filesystems can retain a cache or something
Formatting doesn't affect the data, it's still visible to recovery tools. You need to overwrite it as well or use full disk encryption
Can i physicaly burn it
@@svyetochkaum I'm sure that'd work as long as you do significant damage
@@greensheen8759 Yeah; I bought an used HDD on eBay once and had to recover my own data after the Filesystem was lost and OS forced me to format.
Not only were my files still there, I also recovered disturbing s*t from the former user who had (to their knowledge) formated everything.
I used Eraser File Shredder before, but recently their website looks fishy af!
Having the password at 4:04 was either brilliant or accidental but I love it either way.
what password? i didnt notice any other paswords except k_O8v3
Here's one insanely impractical one:
Using CPU vulnerabilities like Meltdown, a threat actor can probe a locked machine and try a password character by character. Since the CPU has already loaded the correct passwort into memory, the actor can see if the character is correct, based on how long the response takes. A correct character gets a slightly slower response, at which point the actor can start trying the next character until the whole password is know.
3:59 Imagine having that exact password and it randomly showing up here
Fun fact: if you memorize alt codes, you can generate a secure numeric string using more fancy ASCII characters. I actually hide a couple of these characters in my passwords just because I can, and it's fun hearing blackmailers get confused when an old account finally gets breached. Just make sure you use alt codes you can easily remember, like 256, 69, or 42.
I'm not on my computer RN, so I can't demonstrate what these examples would be, but if you're crazy enough, you can have a password that uses only alt codes, and I'm considering integrating it as part of the arg handbook
@@JamesTDG 204 and similar are fun too, along with emojis, just make sure you don't need that account on other devices because emojis can be hard to match sometimes
7:29 Okay, that one was unexpected!
just under 1234567 and above 1234567890
**visible confusion**
6:13
*That one illegal hacker woman that was offended by the name be like*
The fuck are you talking about
@@jaceyjohnson8922 man-in-the-middle > adversary-in-the-middle... Like who cares that it is "man" in this case, it is man as in human and not man
The scrungle
@@gabrielarrhenius6252I think you mean huperson
@@jaceyjohnson8922 are you stupid or something
7:03 nice choice of anime right there
¿Name of the anime?
Anime?
@@bratluv57 Clannad
@@Camilux07 Clannad
2:45 might as well worry about your vrginity getting stolen too
😏
i hate when hackers break into my home and do that
Ayoo, I'm glad to see you're back! Hope to see more. Great video
The best brute force hacking tool: RNG to make a variable length string + RNG to fill each character of it + GPU = profit, or just use the infinite monkeys with typewriters
The monkeys said they were hungry. Anyone got infinite bananas I could borrow
People laughing about the "treat your passwords like condoms" part but the one that made me laugh the most was "shitbird"
the "unexpected member of the family plan"
man i love your references,
"unless you are taking a train in tokyo during rush-hour" XD
sponsor ends at 5:26. you're welcome
It's usually exactly one minute long so if you skip one minute 70% of the time you'll skip just the ad
1:30 evidently you haven't seen my mother's work laptops
Still have my old laptops sitting around because E-waste poisoning is no joke.
@@SupersuMC Hers have the password taped over the camera, really shows her priorities
I love how “shitbird” is a common password.
When the police goes on a manhunt, I hope they change it to person-thingy-hunt too.
"Unless you're on a train. In Tokyo,at rush hours, and then having your password stolen should be the least of your worries" had me cracking up
That Winney the Poo meme about S.Q.L. or "sEqUeL" was a personal attack.
Where's squeal
My collage teachers still call it man-in-the-middle attacks
I dont think many people know, or care, about politicizing IT terminology
@@piroman85 so true, so when it happens it is just stupid
@ReaverSoul no
@@gabrielarrhenius6252 He is, you're just stupid.
1:40 Actually, you would be shocked how many people would toss away sensitive data on paper or hard drives. It's extremely likely, and usually with older generations, that their passwords are written down.
Or passwords are literally just, password123.
2:03 Green me stay alone ramp
the art for this one is awesome.....................
8:13 Always use your passwords like a .... , well, thanks, I leaned it well.😂
I would love to see a video like this with the best hash function specific for storing passwords!
2:10
I did this once to get on the family computer.
didn't we all
Another unusual type of attack is Clairvoyance
Level 11: An Hacking Organization level captable to Defeat AES-256 in just couple days
Level 12: A Guy who eats AES-256 as breakfast
Level 2: You do not reliably destroy data by beating it. First, fry it in the microwave, then bake it in the offen and then smash it.
Rainbow table is not pasword:ifyouhackemeyouaregay
hacks you immediately (for legal reasons this is a joke)
p♂️ass♂️word
I mean thats rainbow so i guess
Which gay is this? The umbrella term for the lgbt+ or the dude who doesn't wear socks
The guys who says "homo" after doing something straight.
Is funny that as I progressed in my university cs study. I now understand more and more of what people are referring to, which is great cause I genuinely enjoy uni and learn a lot off actual useful cool shet.
Edit: also my professor once told me most attacks actually came from within, because people can’t do much when the “attackers” is within the protections
Its been a minute, but hes back...
What is your math confort level? 4:30
Me: 1+1
Dictionary Attack
PC: Use a dictionary to steal someones password
School:*GETS HEADSHOT BY 1800 PAGES OF WORDS*
I mean if somebody threw my country's dictionary at me I'd probably die or get severe brain damage
@@damy2433 I know right?
Very smooth ad-roll intro
5:27 where the sponsor ends
Thank you, sir
You are the goat 💯
just remember: your strongest password security is only as strong as your dumbest employee.
Level 12: Asking (remember to say the magic word)
Level 13 super brute force if level 12 doesn’t work Super brute force well basically always work because in like a few tries it’s like brute force, but But it’s the most efficient possible it gets more efficient every time you do it
Yippie!! Finally I can crack the password of my pc I lost 2 years ago and didn't totally just found it
To be clear, any divice works for dumpster diving. Cheap smart divices hold your wifi passwords, usally unencrypted. Also the part about him destorying the divice isnt a joke. Deleting files from a hard drive doesn't delete them. And even writing over them isnt always effective. Ssd's should be fine with wiping tho (not sure check yourself)
no way ardens is alive!
3:51 Length is more important, and the latest recommendations from NIST emphasize length, not numbers and symbols. It used to be assumed a (one) short password would be easier to remember even if complex, but now we use lots of accounts, and in the "real world" the old rules cause vulnerabilities by people writing them down (see dumpster diving, shoulder surfing) or reusing them (credential stuffing).
what a thorough and engaging review, learned a lot!
“If brute force doesn’t work, you aren’t using enough of it”
Number 11: Oopsie daisy, your company accidentally made the database indexable on search engines
#2
Yeah destroying drives is better than not, but mechanical destruction can often still be reversed (does make it harder, though)
It's like how shredding doesn't make the documents secure, the info is still there, it's just mixed up. With enough patience (and lots of tape), you can unscramble it. So then they started cross shredding too, but, again, the data is still there, it's just harder to recover.
This is why really sensitive documents are splotched with the same type of off black ink. But if it was a color printer you need to splotch each base color, too, or else the data is still recoverable.
Then you cross shred it making it completely unrecoverable.
If it was written, though, the only thing you can do is write over it with different characters, one at a time.
And it has to be letters, not scribbles, because the scribbles are too uniform and the writing divets can still be seen. The only fix is to write actual characters down, multiple per single character spot. And you can often still pick out the individual letters, so it just creates a phase space where the answer still exists, but you have to parse an absolutely ton of crap.
The Shoulder Surfing sounds so dumb that I thought you made it up
2:03 Just Format your HDD (without fast formatting), not destroying your computer
That is not a guarantee. For hard drives, if you really want to be secure, you need to destroy them. One way is degaussing.
Brute force goes hard, not only in this context.
The "credential stuffing attack" is probably more dangerous now.
Now that we have Ai, in theory, it can probably guess each person's tendency and common words used in the password. Making it guess similar passwords that the users probably have.
And this is wayyy more efficient than brute forcing attacks or dictionary attacks.
So everyone, dont just make different passwords, make them different enough
Incredible use of memes, 100/10
Don't forget about side channel attacks
2:44 oh yes, the classic doujin plot
"This is impossible! Never in my life would I be able to get this right!"
Guessing: 😏
As someone who developed a working cross-platform brute forcing script it is really easy to break into accounts even if its a "level 1" hacking method.
aaaa why are your drawings so adorablee ,w,
Alternative method: Tortur- "Enhanced Interrogation Techniques"
For brute force, do special characters really help that much? The alphabet, lower and upper case, give you 52 characters, numbers give you an additional 10, and so do the standard 10 special characters. Wouldn't it be better to just add more characters?
complex passwords are difficult for the user, versus passphrases which are easy for the user but hard to crack. Your thoughts on that?
I learnt so much, thank you!
How about this:Someone brute forces your password, let's say the password is 123,and the bruteforcer managed to brute force upto 120 but at that same time you change your password to 100. Because the bruteforcing tool have already known that 100 is not the correct password and wouldn't care about that password, even if the bruteforcing machine managed to go upto a million quadrillion it still would not be able to crack your password.So whoever is reading this make sure to change your password frequently. But there is still a tiny little possibility of the bruteforcer to gain your password. Assume that your password is 100 and the bruteforcer managed to get upto 69 and you changed your password to 70 then it wouldn't take much time for the bruteforcer to crack your password, but still the chances are pretty slim.
you should change the pw frequently but not for that reason..
Generally when an attacker is bruteforceing a password they will be attacking the hash and not attempt to in millions of times, so changing your password at all will mitigate the attack
*6:31** this should be "squeel". I heard one guy pronounce it like that*
06:30 Oh heck, that one got me. Exactly how I feel on the matter, too.
Why did my wifi crash once you said wifi eavesdropping??
Ardens what did you do ?
Dumper Diving works wonders in immersive sim games.
here's my foolproof measure against phishing attacks; I just don't check my email lol
Don't forget there are people out there with the same password as their username 😂
So that's why micros*ft tracks everything one does including his keyboard!
3:59 which is now made to a couple seconds thanks to your video
i need these for when i forget my password and the password reset emails don't send
Shitbird is a reference to talltales walking dead game series
Hacker: "if it's not 0% then it's like 100%"
4:13 Tsar bomba with 1 second prep time
Fantastic...Powerful strategy!!! Thank you very much for the clear concise explanation!! You are a good person and the first I've come across without expecting any money from beginners like us who are already struggling providing for our families. God bless you.
come say hi: discord.gg/yaNKyJ26pn
hello uhhh first reply i guess
hi
i pulled off the shoulder surfing on my friend
can't beleive that happened
the 6 year old that died to someone once on roblox: thanks
treat your passwords like- *WHA-*
Awesome video man. New subscriber ✌🏻
Brute force is my favorite method.
One time I logged in my friends school computer that way.
I feel like those "top most used passwords" lists are misleading. They're obviously not sourced from proper databases, since those passwords are irretrievable. So they must be sourced from either full database dumps of insecure databases, or lists of compromised credentials. The latter, especially is always going to lean towards easy passwords. The former, dumps from databases that were insecurely storing passwords, might be a more accurate view of the kinds of passwords used in general, but it's still only a small view.
I used the looking over shoulder tactic to snipe my sister's tablet password.